Lucene search

[email protected]CVE-2023-45078

HistoryNov 08, 2023 - 11:15 p.m.

CVE-2023-45078

2023-11-0823:15:11

CWE-125

[email protected]

web.nvd.nist.gov

vulnerability

memory leakage

dustfilteralertsmm

smm driver

nvram variables

cve-2023-45078

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

A memory leakage vulnerability was reported in the DustFilterAlertSmm SMM driver that may allow a local attacker with elevated privileges to write to NVRAM variables.

Affected configurations

NVD

Node

lenovoideacentre_c5-14imb05_firmwareRange<o4hkt3ca

AND

lenovoideacentre_c5-14imb05Match-

Node

lenovoideacentre_3-07ada05_firmwareRange<o4fkt39a

AND

lenovoideacentre_3-07ada05Match-

Node

lenovoideacentre_3-07imb05_firmwareRange<m2vkt21a

AND

lenovoideacentre_3-07imb05Match-

Node

lenovoideacentre_g5-14imb05_firmwareRange<o4hkt3ca

AND

lenovoideacentre_g5-14imb05Match-

Node

lenovoideacentre_5-14iob6_firmwareRange<m3gkt3da

AND

lenovoideacentre_5-14iob6Match-

Node

lenovoideacentre_creator_5-14iob6_firmwareRange<m3gkt3da

AND

lenovoideacentre_creator_5-14iob6Match-

Node

lenovoideacentre_g5-14amr05_firmwareRange<o4zkt2ba

AND

lenovoideacentre_g5-14amr05Match-

Node

lenovoideacentre_g5-14imb05_firmwareRange<o4hkt3ca

AND

lenovoideacentre_g5-14imb05Match-

Node

lenovoideacentre_gaming_5-14iob6_firmwareRange<m3gkt3da

AND

lenovoideacentre_gaming_5-14iob6Match-

Node

lenovoideacentre_mini_5_01iaq7_firmwareRange<o53kt10a

AND

lenovoideacentre_mini_5_01iaq7Match-

Node

lenovoideacentre_mini_5-01imh05_firmwareRange<o4ekt1ba

AND

lenovoideacentre_mini_5-01imh05Match-

Node

lenovolegion_t7-34imz5_firmwareRange<o5fkt17a

AND

lenovolegion_t7-34imz5Match-

Node

lenovothinkcentre_m625q_firmwareRange<m1wkt52a

AND

lenovothinkcentre_m625qMatch-

Node

lenovothinkcentre_m630e_firmwareMatch-

AND

lenovothinkcentre_m630eMatch-

Node

lenovothinkcentre_m70a_firmwareRange<m2skt29a

AND

lenovothinkcentre_m70aMatch-

Node

lenovothinkcentre_m920z_all-in-one_firmwareRange<m1mkt56a

AND

lenovothinkcentre_m920z_all-in-oneMatch-

Node

lenovothinkcentre_m920x_firmwareRange<m1ukt72a

AND

lenovothinkcentre_m920xMatch-

Node

lenovothinkcentre_m920t_firmwareRange<m1ukt72a

AND

lenovothinkcentre_m920tMatch-

Node

lenovothinkcentre_m920s_firmwareRange<m1ukt72a

AND

lenovothinkcentre_m920sMatch-

Node

lenovothinkcentre_m920q_firmwareRange<m1ukt72a

AND

lenovothinkcentre_m920qMatch-

Node

lenovothinkcentre_m90t_firmwareRange<m2tkt55a

AND

lenovothinkcentre_m90tMatch-

Node

lenovothinkcentre_m90s_firmwareRange<m2tkt55a

AND

lenovothinkcentre_m90sMatch-

Node

lenovothinkcentre_m90q_tiny_firmwareRange<m2wkt5aa

AND

lenovothinkcentre_m90q_tinyMatch-

Node

lenovothinkcentre_m90a_firmwareRange<m2rkt57a

AND

lenovothinkcentre_m90aMatch-

Node

lenovothinkcentre_m820z_all-in-one_firmwareRange<m1nkt62a

AND

lenovothinkcentre_m820z_all-in-oneMatch-

Node

lenovothinkcentre_m80t_firmwareRange<m2tkt55a

AND

lenovothinkcentre_m80tMatch-

Node

lenovothinkcentre_m80s_firmwareRange<m2tkt55a

AND

lenovothinkcentre_m80sMatch-

Node

lenovothinkcentre_m80q_firmwareRange<m2wkt5aa

AND

lenovothinkcentre_m80qMatch-

Node

lenovothinkcentre_m75t_gen_2_firmwareMatch-

AND

lenovothinkcentre_m75t_gen_2Match-

Node

lenovothinkcentre_m75s_gen_2_firmwareMatch-

AND

lenovothinkcentre_m75s_gen_2Match-

Node

lenovothinkcentre_m75q_gen_2_firmwareRange<m47kt30a

AND

lenovothinkcentre_m75q_gen_2Match-

Node

lenovothinkcentre_m75n_firmwareRange<m33kt27a

AND

lenovothinkcentre_m75nMatch-

Node

lenovothinkcentre_m720t_firmwareRange<m1ukt72a

AND

lenovothinkcentre_m720tMatch-

Node

lenovothinkcentre_m720s_firmwareRange<m1ukt72a

AND

lenovothinkcentre_m720sMatch-

Node

lenovothinkcentre_m720q_firmwareRange<m1ukt72a

AND

lenovothinkcentre_m720qMatch-

Node

lenovothinkcentre_m70t_firmwareRange<m2tkt55a

AND

lenovothinkcentre_m70tMatch-

Node

lenovothinkcentre_m70s_firmwareRange<m2tkt55a

AND

lenovothinkcentre_m70sMatch-

Node

lenovothinkcentre_m70q_firmwareRange<m2wkt5aa

AND

lenovothinkcentre_m70qMatch-

Node

lenovothinkcentre_m70c_firmwareRange<m2vkt21a

AND

lenovothinkcentre_m70cMatch-

Node

lenovov50t-13iob_g2_firmwareRange<m3gkt3da

AND

lenovov50t-13iob_g2Match-

Node

lenovov55t_gen_2_13acn_firmwareRange<o5jkt23a

AND

lenovov55t_gen_2_13acnMatch-

Node

lenovov50t-13imh_firmwareRange<m4pkt13a

AND

lenovov50t-13imhMatch-

Node

lenovov50t-13imb_firmwareRange<o4hkt3ca

AND

lenovov50t-13imbMatch-

Node

lenovov50s-07imb_firmwareRange<m2vkt21a

AND

lenovov50s-07imbMatch-

Node

lenovov50a-24imb_firmwareRange<m36kt32a

AND

lenovov50a-24imbMatch-

Node

lenovov50a-22imb_firmwareRange<m36kt32a

AND

lenovov50a-22imbMatch-

Node

lenovov30a-24iml_firmwareRange<m37kt31a

AND

lenovov30a-24imlMatch-

Node

lenovov30a-22iml_firmwareRange<m37kt31a

AND

lenovov30a-22imlMatch-

Node

lenovothinkcentre_m70c_firmwareRange<m2vkt21a

AND

lenovothinkcentre_m70cMatch-

Node

lenovothinkedge_se30_firmwareRange<m3fkt2da

AND

lenovothinkedge_se30Match-

Node

lenovothinkstation_p920_workstation_firmwareMatch-

AND

lenovothinkstation_p920_workstationMatch-

Node

lenovothinkstation_p720_workstation_firmwareMatch-

AND

lenovothinkstation_p720_workstationMatch-

Node

lenovothinkstation_p520c_workstation_firmwareMatch-

AND

lenovothinkstation_p520c_workstationMatch-

Node

lenovothinkstation_p520_workstation_firmwareMatch-

AND

lenovothinkstation_p520_workstationMatch-

Node

lenovothinkstation_p360_workstation_firmwareMatch-

AND

lenovothinkstation_p360_workstationMatch-

Node

lenovothinkstation_p360_workstation_firmwareRange<s0ekt45a

AND

lenovothinkstation_p360_workstationMatch-

Node

lenovothinkstation_p350_workstation_firmwareMatch-

AND

lenovothinkstation_p350_workstationMatch-

Node

lenovothinkstation_p348_workstation_firmwareRange<m3kkt3ba

AND

lenovothinkstation_p348_workstationMatch-

Node

lenovothinkstation_p340_workstation_firmwareRange<s08kt55a

AND

lenovothinkstation_p340_workstationMatch-

Node

lenovothinkstation_p340_tiny_workstation_firmwareRange<m2wkt5aa

AND

lenovothinkstation_p340_tiny_workstationMatch-

Node

lenovothinkstation_p330_workstation_2nd_gen_firmwareRange<m1vkt72a

AND

lenovothinkstation_p330_workstation_2nd_genMatch-

Node

lenovothinkstation_p330_workstation_firmwareRange<m1vkt72a

AND

lenovothinkstation_p330_workstationMatch-

Node

lenovothinkstation_p330_tiny_workstation_firmwareRange<m1ukt72a

AND

lenovothinkstation_p330_tiny_workstationMatch-

Node

lenovothinkstation_p320_workstation_firmwareRange<s06kt64a

AND

lenovothinkstation_p320_workstationMatch-

CPENameOperatorVersion
lenovo:ideacentre_c5-14imb05_firmwarelenovo ideacentre c5-14imb05 firmwarelto4hkt3ca

CPE	Name	Operator	Version
lenovo:ideacentre_c5-14imb05_firmware	lenovo ideacentre c5-14imb05 firmware	lt	o4hkt3ca

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "BIOS",
    "vendor": "Lenovo",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  }
]

References

support.lenovo.com/us/en/product_security/LEN-141775

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2023-45078

prion1 nvd1 cvelist1